Date post: | 02-Jul-2015 |
Category: |
Technology |
Upload: | sumo-logic |
View: | 435 times |
Download: | 4 times |
TechChat - What's New in Sumo Logic
Colin Corstorphine - Customer Success ManagerBen Newton - Senior Product Manager
Transaction Analytics
Track and analyze the components and flow of each transaction across the underlying infrastructure for
deeper contextual insights
Transaction Analytics Use Cases
•For example, detect source and root-cause of failed registrations
Correlate Customer Experience Issues
•Evaluate new product releases and formulate product strategy by analyzing user interaction
Determine User Behavior and Product Strategy
•Discover problems and slowdowns in your application transactions
Troubleshoot Application Problems
DEMO
Examine Transactions in Detail
Examine Transaction Flow
Field Extraction Rules
Automatically extract fields after collection and leverage those fields across the entire Sumo Logic Product
Field Extraction Benefits
•Remove the need to parse out fields at search time
Simplifying Searches
•Guarantee the same field names across teams, searches, and dashboards
Standardizing Searches and Field Names
•Quickly search logs based on field values without using where clauses
Search Performance
DEMO
Example: Apache Access
• Parsing Statements in lots of searches
• Fields commonly placed in where clauses– Ex. Use fieldname=foo in search constraints
• Fields used to tie logs together– Ex. Session ID, user name, process ID, etc.
• Fields used in long searches– Ex. User Name search over 7 days
Where do I use Field Extraction Rules?
Sumo Logic Confidential
• Extract the minimum fields necessary
• Make sure that your field extractions cover common searches
• Don’t extract fields if the parsing is in question or subject to change
• Supported Operators• parse, parse regex/extract, where, if, as
Field Extractions best practices
Sumo Logic Confidential
• Field Extraction Rules are processed directly after ingestion• Before partitioning, dashboards, etc.
• There is a 50 rule limit
• There is a 200 field limit
• Searching will display ALL possible fields from results
Important Details
Sumo Logic Confidential
Recent and Pinned Searches
Don’t lose search results when closing your browser, run searches in the background, and retain results for 3 days
Recent and Pinned Searches Benefits
•Recent search results kept for up to 3 hours
No More Lost Searches
•Pin a search to run in the background and keep the results up to 3 days
No more timed-out searches
DEMO
• Only 10 total pinned searches allowed at one time
• Pinned searches pause after 24 hours and can be started back again
• Non-aggregate searches paused automatically after 100K results. Queries can be resumed if desired.
Important Details
Sumo Logic Confidential
Q&A
Sumo Logic Confidential